Nearly 50 Million Influencers Fall Victim to Instagram Data Breach

Earlier this week, close to 50 million instagram influencers and celebrities were victim to a massive Instagram data breach. According to TechCrunch, which first discovered the data breach, the contact information of millions of influencers and celebrities were found online in an unprotected database.

The data collected included public information gathered from influencers’ profiles, such as number of followers, bio, profile picture, location by country and city, and whether or not the user’s account is verified. The database also contained private information including the users’ email addresses and their phone numbers.

In addition, TechCrunch reported that the database comprised analytical information regarding each influencer’s “worth”, including reach, engagement, likes, shares, and number of followers. This information would have likely been used as an indicator to determine the cost for a sponsorship with each influencer.

Advertisement

According to TechCrunch, the database was traced back to Ctrbox, a Mumbai-based influencer marketing company. The data was stored on an Amazon Server.

Facebook is currently trying to get to the bottom of the issue. The company commented on the matter, stating: “We’re looking into the issue to understand if the data described – including email and phone numbers – was from Instagram or from other sources. We’re also inquiring with Chtrbox to understand where this data came from and how it became publicly available.”

The database was not password protected, which allowed anyone to access these influencers and celebrities’ personal information.

TechCrunch reached out to some of the influencers whose data was stored in Chtrbox’s database. As stated by TechCrunch; “We contacted several people at random whose information was found in the database and provided them their phone numbers. Two of the people responded and confirmed their email address and phone number found in the database was used to set up their Instagram accounts. Neither had any involvement with Chtrbox, they said.”

Chtrbox has since removed the database from the server and is adamantly denying that it obtained the data using “unethical” means, like hacking.

“A particular database for limited influencers was inadvertently exposed for approximately 72 hours. This database did not include any sensitive personal data and only contained information available from the public domain, or self-reported by influencers,” stated a Chtrbox representative.

However, on Instagram’s website, the company states that scraping data from users’ accounts constitutes a violation of the social media platform policies. Thus, it is plausible that Chtrbox did in fact obtain the influencers’ data unethically.

TechCrunch reached out to some of the influencers whose data was stored in Chtrbox’s database. As stated by TechChrunch; “We contacted several people at random whose information was found in the database and provided them their phone numbers. Two of the people responded and confirmed their email address and phone number found in the database was used to set up their Instagram accounts. Neither had any involvement with Chtrbox, they said.”

Daniella is a marketing professional who specializes in business development and advertising sales. She has helped with the growth of several companies by curating original content, leading brand development initiatives, and driving business objectives.

Daniella is a marketing professional who specializes in business development and advertising sales. She has helped with the growth of several companies by curating original content, leading brand development initiatives, and driving business objectives.